Solved

Powershell script update

Posted on 2016-11-07
2
30 Views
Last Modified: 2016-11-21
I had to udate the script below  and include the samaccount name which will be as follow :

"Username.it.us.sys"

And also include each created account in the folowing group :

"G_ID_NetworkTeam" which i don't know how to update in the below script.

Can you Help ?

Below is the Ps script.


Import-Module ActiveDirectory

$MYPASSWORD = Read-Host "Enter Password" -AsSecureString

[int] $counter = 8000

do {

     #SET VARIABLES
     $USERNAME = "TCA000"+ $counter.tostring()
     $USERPRINCIPALNAME = $USERNAME + "@it.us.sys"
     $SAMACCOUNTNAME = $USERNAME + "@it.us.sys"
     $DISPLAYNAME = "Network Engineer"
     $FIRSTNAME = "Network Team"
     $LASTNAME = "P2V"
     $OUPATH = "OU=Network,OU=OU_Engineer,DC=it,DC=us,DC=sys"
     $EMAILADDRESS = "p2v_tca@eafentreprise.us"

     #CREATE USERS
     New-ADUser -Name $USERNAME -UserPrincipalName $USERPRINCIPALNAME -sAMAccountName $SAMACCOUNTNAME -DisplayName $DISPLAYNAME -GivenName $FIRSTNAME -Surname $LASTNAME -Path $OUPATH -Email $EMAILADDRESS -AccountPassword $MYPASSWORD -PasswordNeverExpires $True -Enabled $False

     #LOG OF CREATED USERS
     Get-ADUser -Identity $USERNAME -Properties EmailAddress,DisplayName,PasswordNeverExpires,Enabled | Select-Object Name,GivenName,Surname,DisplayName,EmailAddress,DistinguishedName,SamAccountName,UserPrincipalName,PasswordNeverExpires,Enabled | Out-file "NewUserResults.txt" -Append

     $counter++

} while ($counter -le 9999)



Thank You
0
Comment
Question by:AMATERASOU
2 Comments
 
LVL 83

Accepted Solution

by:
oBdA earned 500 total points
ID: 41877312
You can not use a samAccountName with a '@' as found in your script (OK, technically, with New-ADUser (the GUI will not allow this), you could - but it's pointless, because the user won't be able to logon with it).
Note, too, that the samAccountName is limited to 20 characters, and ".it.us.sys" takes away half of that, so with your current names, you're at the limit.

Import-Module ActiveDirectory

$MYPASSWORD = Read-Host "Enter Password" -AsSecureString

[int] $counter = 8000

$GroupMembers = @()
Do {

	#SET VARIABLES
	$USERNAME = "TCA000" + $counter.tostring()
	$USERPRINCIPALNAME = $USERNAME + ".it.us.sys"
	$SAMACCOUNTNAME = $USERNAME + "@it.us.sys"
	$DISPLAYNAME = "Network Engineer"
	$FIRSTNAME = "Network Team"
	$LASTNAME = "P2V"
	$OUPATH = "OU=Network,OU=OU_Engineer,DC=it,DC=us,DC=sys"
	$EMAILADDRESS = "p2v_tca@eafentreprise.us"

	#CREATE USERS
	New-ADUser -Name $USERNAME -UserPrincipalName $USERPRINCIPALNAME -sAMAccountName $SAMACCOUNTNAME -DisplayName $DISPLAYNAME -GivenName $FIRSTNAME -Surname $LASTNAME -Path $OUPATH -Email $EMAILADDRESS -AccountPassword $MYPASSWORD -PasswordNeverExpires $True -Enabled $False

	#LOG OF CREATED USERS
	Get-ADUser -Identity $USERNAME -Properties EmailAddress,DisplayName,PasswordNeverExpires,Enabled | Select-Object Name,GivenName,Surname,DisplayName,EmailAddress,DistinguishedName,SamAccountName,UserPrincipalName,PasswordNeverExpires,Enabled | Out-file "NewUserResults.txt" -Append

	$GroupMembers += $SAMACCOUNTNAME
	$counter++

} While ($counter -le 9999)
Add-ADGroupMember -Identity "G_ID_NetworkTeam" -Members $GroupMembers

Open in new window

0
 

Author Closing Comment

by:AMATERASOU
ID: 41896521
Thanks
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

How to sign a powershell script so you can prevent tampering, and only allow users to run authorised Powershell scripts
Synchronize a new Active Directory domain with an existing Office 365 tenant
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now